I thought that I had the PassSync working until I ran into this problem:
Passwords are not synchronized from FDS to AD. When accounts are added
to FDS, they do show up in AD (although sometimes the cn attribute gets
base64 encoded), but I cannot authenticate to AD. When I change
passwords on the FDS side, they are not changed (or not sent) to AD.
If I change passwords in AD, they are changed in the FDS.
The logs show that something is happening (changed host names and DNs):
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" (ad:636): No linger to cancel on the connection
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - windows_acquire_replica returned success (101)
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" (ad:636): State: ready_to_acquire_replica -> sending_updates
[13/Jun/2006:15:03:41 -0700] - _cl5PositionCursorForReplay (agmt="cn=AD" (ad:636)): Consumer RUV:
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" (ad:636): {replicageneration} 448f18ae000000010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" (ad:636): {replica 1 ldap://fds:389} 448f18e4000100010000 448f363d03d400010000 448f363d
[13/Jun/2006:15:03:41 -0700] - _cl5PositionCursorForReplay (agmt="cn=AD" (ad:636)): Supplier RUV:
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" (ad:636): {replicageneration} 448f18ae000000010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" (ad:636): {replica 1 ldap://fds:389} 448f18e4000100010000 448f363d03d700010000 448f363d
[13/Jun/2006:15:03:41 -0700] agmt="cn=AD" (ad:636) - session start: anchorcsn=448f363d03d400010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - changelog program - agmt="cn=AD" (ad:636): CSN 448f363d03d400010000 found, position set for replay
[13/Jun/2006:15:03:41 -0700] agmt="cn=AD" (ad:636) - load=1 rec=1 csn=448f363d03d600010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" (ad:636): windows_replay_update: Looking at modify operation local dn="uid=user,ou=people,dc=server,dc=,dc=" (ours,user,not group)
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" (ad:636): windows_replay_update: Processing modify operation local dn="uid=user,ou=people,dc=server,dc=,dc=" remote dn="<GUID=16f869dcfdde3d42bcb075fd4a1c7980>"
I'm not sure what is going on. I can talk via SSL from FDS to AD, and
I'm assuming that the PassSync service is working properly since the
changes from AD to FDS work.
Any suggestions?